Skip to content

GitHub Advisory Database

Security vulnerability database inclusive of CVEs and GitHub originated security advisories from the world of open source software.

GitHub reviewed advisories

Unreviewed advisories

CC-BY-4.0 License
Language support
About GitHub Advisory Database
Filter advisories

Filter advisories

GitHub reviewed advisories
All reviewed
5,000+
Composer
4,750
Erlang
35
GitHub Actions
29
Go
2,323
Maven
5,000+
npm
3,956
NuGet
712
pip
3,739
Pub
12
RubyGems
921
Rust
973
Swift
38
Unreviewed advisories
All unreviewed
5,000+

115 advisories

Loading
Hyper-V in Microsoft Windows 8.1, Windows Server 2012 R2, and Windows 10 improperly processes ACL... Low Unreviewed
CVE-2015-2534 was published May 14, 2022
Mozilla Firefox OS before 2.2 allows physically proximate attackers to bypass the pass-code... Low Unreviewed
CVE-2015-5960 was published May 17, 2022
The Colorbox module 7.x-2.x before 7.x-2.10 for Drupal allows remote authenticated users with... Low Unreviewed
CVE-2015-7881 was published May 17, 2022
The chunked upload API (ApiUpload) in MediaWiki before 1.23.11, 1.24.x before 1.24.4, and 1.25.x... Low Unreviewed
CVE-2015-8001 was published May 17, 2022
runmqsc in IBM WebSphere MQ 8.x before 8.0.0.5 allows local users to bypass intended queue... Low Unreviewed
CVE-2015-7473 was published May 17, 2022
IBM QRadar SIEM 7.1 before MR2 Patch 13 and 7.2 before 7.2.7 mishandles authorization, which... Low Unreviewed
CVE-2016-2874 was published May 17, 2022
SpringBoard in Apple iOS before 9 allows physically proximate attackers to bypass a lock-screen... Low Unreviewed
CVE-2015-5861 was published May 17, 2022
Cybozu Office 9.0.0 through 10.4.0 allows remote attackers to conduct a "reflected file download"... Low Unreviewed
CVE-2016-4874 was published May 17, 2022
IBM Tivoli Storage Productivity Center could allow an authenticated user with intimate knowledge... Low Unreviewed
CVE-2016-8942 was published May 17, 2022
A vulnerability has been identified in IBM Cloud Orchestrator services/[action]/launch API. An... Low Unreviewed
CVE-2015-7494 was published May 17, 2022
Vulnerability in the Solaris Cluster component of Oracle Sun Systems Products Suite (subcomponent... Low Unreviewed
CVE-2016-5551 was published May 17, 2022
Unspecified vulnerability in the Oracle Identity Manager component in Oracle Fusion Middleware... Low Unreviewed
CVE-2016-5506 was published May 17, 2022
Unspecified vulnerability in Oracle Sun Solaris 11.3 allows local users to affect availability... Low Unreviewed
CVE-2016-5615 was published May 17, 2022
Low severity vulnerability that affects org.apache.hive:hive-exec, org.apache.hive:hive, and org.apache.hive:hive-service Low
CVE-2014-0228 was published for org.apache.hive:hive (Maven) Nov 21, 2018
Keycloak is vulnerable to IDN homograph attack Low
GHSA-mwm4-5qwr-g9pf was published for org.keycloak:keycloak-services (Maven) Apr 28, 2022
klausenbusk kurt-r2c
ProTip! Advisories are also available from the GraphQL API
CC-BY-4.0 License
Language support
About GitHub Advisory Database